Solved

Windows Firewall Ports on Exchange 2007 CAS/HUB/MAILBOX Server

Posted on 2008-10-24
6
3,042 Views
Last Modified: 2012-05-05
I recently turned on Windows Firewall on a Windows Server 2003 SP2 that has Exchange 2007 SP1 CAS/HUB/MAILBOX roles configured and email stopped coming in. I was wondering what ports I need to open to allow internal users to connect using Outlook 2003 and 2007. I tried to open port 25 & 443 but it still didn't work.
0
Comment
Question by:katredrum
6 Comments
 
LVL 8

Expert Comment

by:DenverRick
ID: 22799344
It will depend on where the Domain info is coming from, is this box a DC?
0
 
LVL 1

Author Comment

by:katredrum
ID: 22799851
No, it is only a member server.
0
 
LVL 5

Accepted Solution

by:
Probity earned 500 total points
ID: 22801876
25 - smtp
110 - pop3
143 - imap4
80 - http
443 - https

Those are necessary... however, if you have local users connecting to the box, they will be using MAPI which uses many ports (random) to connect to the server -- unless you're having your users use RPC over HTTPS in-house or POP/IMAP - you will need to disable to firewall.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 1

Author Comment

by:katredrum
ID: 22815749
Probity, thank you for your response. I do have users connecting via Outlook from inside the network so I will need to disable the firewall. Is it common practice to disable Windows Firewall on servers in general?
I had all my servers configured this way (without firewall on) but with some users on the network being infected with spyware, adware, and virus' I wanted to try and prevent the server from being infected on ports that doesn't have to be open.
0
 
LVL 1

Author Closing Comment

by:katredrum
ID: 31511014
Did a little more researching and found that no one really put the Windows Firewall on Exchange Server if they have a corporate firewall. I think it is kind of stupid that Microsoft isn't able to program their software to be protected using their own firewall.
0
 
LVL 1

Expert Comment

by:Nelesh_N
ID: 24410612
Sorry just to pick up on this. I'm having issues with dsl users coming into the network. If the maibox resides on the one cluster it works fine, if connecting to the other cluster it drops on ports 2141 and 2112. Are these the dynamic ports that exchange use to connect to Outlook?
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now